diff options
| author | Leo Famulari <leo@famulari.name> | 2016-05-13 02:03:22 -0400 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2016-05-13 02:08:11 -0400 |
| commit | eb74eb4199db3faac654114257996f244ec308f5 (patch) | |
| tree | 9504ae968710941557be6d1edd244618eeb14448 /gnu/packages/patches/poppler-CVE-2015-8868.patch | |
| parent | f10e7ef475da430afa46e0b062010952ed886694 (diff) | |
| parent | e9017c98d61f305b624bacaa30e8891ec0100980 (diff) | |
| download | guix-patches-eb74eb4199db3faac654114257996f244ec308f5.tar guix-patches-eb74eb4199db3faac654114257996f244ec308f5.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/poppler-CVE-2015-8868.patch')
| -rw-r--r-- | gnu/packages/patches/poppler-CVE-2015-8868.patch | 30 |
1 files changed, 0 insertions, 30 deletions
diff --git a/gnu/packages/patches/poppler-CVE-2015-8868.patch b/gnu/packages/patches/poppler-CVE-2015-8868.patch deleted file mode 100644 index ac78d32ffa..0000000000 --- a/gnu/packages/patches/poppler-CVE-2015-8868.patch +++ /dev/null @@ -1,30 +0,0 @@ -Fixes CVE-2015-8868 (heap overflow). - -Upstream source: -https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433 - -From b3425dd3261679958cd56c0f71995c15d2124433 Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Tue, 22 Dec 2015 22:50:33 +0100 -Subject: Do not crash on invalid files - -Bug #93476 - -diff --git a/poppler/Function.cc b/poppler/Function.cc -index 67283df..ee5afc1 100644 ---- a/poppler/Function.cc -+++ b/poppler/Function.cc -@@ -577,6 +577,10 @@ ExponentialFunction::ExponentialFunction(Object *funcObj, Dict *dict) { - goto err2; - } - n = obj1.arrayGetLength(); -+ if (unlikely(n > funcMaxOutputs)) { -+ error(errSyntaxError, -1, "Function's C0 array is wrong length"); -+ n = funcMaxOutputs; -+ } - for (i = 0; i < n; ++i) { - obj1.arrayGet(i, &obj2); - if (!obj2.isNum()) { --- -cgit v0.10.2 - |